<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Chapter 31. Zend_OpenId</title>
<link rel="stylesheet" href="dbstyle.css" type="text/css">
<meta name="generator" content="DocBook XSL Stylesheets V1.72.0">
<link rel="start" href="index.html" title="Programmer's Reference Guide">
<link rel="up" href="index.html" title="Programmer's Reference Guide">
<link rel="prev" href="zend.mime.part.html" title="30.3. Zend_Mime_Part">
<link rel="next" href="zend.openid.consumer.html" title="31.2. Zend_OpenId_Consumer Basics">
<link rel="chapter" href="introduction.html" title="Chapter 1. Introduction to Zend Framework">
<link rel="chapter" href="zend.acl.html" title="Chapter 2. Zend_Acl">
<link rel="chapter" href="zend.auth.html" title="Chapter 3. Zend_Auth">
<link rel="chapter" href="zend.cache.html" title="Chapter 4. Zend_Cache">
<link rel="chapter" href="zend.config.html" title="Chapter 5. Zend_Config">
<link rel="chapter" href="zend.console.getopt.html" title="Chapter 6. Zend_Console_Getopt">
<link rel="chapter" href="zend.controller.html" title="Chapter 7. Zend_Controller">
<link rel="chapter" href="zend.currency.html" title="Chapter 8. Zend_Currency">
<link rel="chapter" href="zend.date.html" title="Chapter 9. Zend_Date">
<link rel="chapter" href="zend.db.html" title="Chapter 10. Zend_Db">
<link rel="chapter" href="zend.debug.html" title="Chapter 11. Zend_Debug">
<link rel="chapter" href="zend.dojo.html" title="Chapter 12. Zend_Dojo">
<link rel="chapter" href="zend.dom.html" title="Chapter 13. Zend_Dom">
<link rel="chapter" href="zend.exception.html" title="Chapter 14. Zend_Exception">
<link rel="chapter" href="zend.feed.html" title="Chapter 15. Zend_Feed">
<link rel="chapter" href="zend.filter.html" title="Chapter 16. Zend_Filter">
<link rel="chapter" href="zend.form.html" title="Chapter 17. Zend_Form">
<link rel="chapter" href="zend.gdata.html" title="Chapter 18. Zend_Gdata">
<link rel="chapter" href="zend.http.html" title="Chapter 19. Zend_Http">
<link rel="chapter" href="zend.infocard.html" title="Chapter 20. Zend_InfoCard">
<link rel="chapter" href="zend.json.html" title="Chapter 21. Zend_Json">
<link rel="chapter" href="zend.layout.html" title="Chapter 22. Zend_Layout">
<link rel="chapter" href="zend.ldap.html" title="Chapter 23. Zend_Ldap">
<link rel="chapter" href="zend.loader.html" title="Chapter 24. Zend_Loader">
<link rel="chapter" href="zend.locale.html" title="Chapter 25. Zend_Locale">
<link rel="chapter" href="zend.log.html" title="Chapter 26. Zend_Log">
<link rel="chapter" href="zend.mail.html" title="Chapter 27. Zend_Mail">
<link rel="chapter" href="zend.measure.html" title="Chapter 28. Zend_Measure">
<link rel="chapter" href="zend.memory.html" title="Chapter 29. Zend_Memory">
<link rel="chapter" href="zend.mime.html" title="Chapter 30. Zend_Mime">
<link rel="chapter" href="zend.openid.html" title="Chapter 31. Zend_OpenId">
<link rel="chapter" href="zend.paginator.html" title="Chapter 32. Zend_Paginator">
<link rel="chapter" href="zend.pdf.html" title="Chapter 33. Zend_Pdf">
<link rel="chapter" href="zend.registry.html" title="Chapter 34. Zend_Registry">
<link rel="chapter" href="zend.rest.html" title="Chapter 35. Zend_Rest">
<link rel="chapter" href="zend.search.lucene.html" title="Chapter 36. Zend_Search_Lucene">
<link rel="chapter" href="zend.server.html" title="Chapter 37. Zend_Server">
<link rel="chapter" href="zend.service.html" title="Chapter 38. Zend_Service">
<link rel="chapter" href="zend.session.html" title="Chapter 39. Zend_Session">
<link rel="chapter" href="zend.soap.html" title="Chapter 40. Zend_Soap">
<link rel="chapter" href="zend.test.html" title="Chapter 41. Zend_Test">
<link rel="chapter" href="zend.text.html" title="Chapter 42. Zend_Text">
<link rel="chapter" href="zend.timesync.html" title="Chapter 43. Zend_TimeSync">
<link rel="chapter" href="zend.translate.html" title="Chapter 44. Zend_Translate">
<link rel="chapter" href="zend.uri.html" title="Chapter 45. Zend_Uri">
<link rel="chapter" href="zend.validate.html" title="Chapter 46. Zend_Validate">
<link rel="chapter" href="zend.version.html" title="Chapter 47. Zend_Version">
<link rel="chapter" href="zend.view.html" title="Chapter 48. Zend_View">
<link rel="chapter" href="zend.xmlrpc.html" title="Chapter 49. Zend_XmlRpc">
<link rel="appendix" href="requirements.html" title="Appendix A. Zend Framework Requirements">
<link rel="appendix" href="coding-standard.html" title="Appendix B. Zend Framework Coding Standard for PHP">
<link rel="appendix" href="copyrights.html" title="Appendix C. Copyright Information">
<link rel="index" href="the.index.html" title="Index">
<link rel="section" href="zend.openid.html#zend.openid.introduction" title="31.1. Introduction">
<link rel="section" href="zend.openid.consumer.html" title="31.2. Zend_OpenId_Consumer Basics">
<link rel="section" href="zend.openid.provider.html" title="31.3. Zend_OpenId_Provider">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<div class="navheader"><table width="100%" summary="Navigation header">
<tr><th colspan="3" align="center">Chapter 31. Zend_OpenId</th></tr>
<tr>
<td width="20%" align="left">
<a accesskey="p" href="zend.mime.part.html">Prev</a> </td>
<th width="60%" align="center"> </th>
<td width="20%" align="right"> <a accesskey="n" href="zend.openid.consumer.html">Next</a>
</td>
</tr>
</table></div>
<div class="chapter" lang="en">
<div class="titlepage"><div><div><h2 class="title">
<a name="zend.openid"></a>Chapter 31. Zend_OpenId</h2></div></div></div>
<div class="toc">
<p><b>Table of Contents</b></p>
<dl>
<dt><span class="sect1"><a href="zend.openid.html#zend.openid.introduction">31.1. Introduction</a></span></dt>
<dd><dl>
<dt><span class="sect2"><a href="zend.openid.html#zend.openid.introduction.what">31.1.1. What is OpenID?</a></span></dt>
<dt><span class="sect2"><a href="zend.openid.html#zend.openid.introduction.how">31.1.2. How Does it Work?</a></span></dt>
<dt><span class="sect2"><a href="zend.openid.html#zend.openid.introduction.structure">31.1.3. Zend_OpenId Structure</a></span></dt>
<dt><span class="sect2"><a href="zend.openid.html#zend.openid.introduction.standards">31.1.4. Supported Standards</a></span></dt>
</dl></dd>
<dt><span class="sect1"><a href="zend.openid.consumer.html">31.2. Zend_OpenId_Consumer Basics</a></span></dt>
<dd><dl>
<dt><span class="sect2"><a href="zend.openid.consumer.html#zend.openid.consumer.authentication">31.2.1. OpenID Authentication</a></span></dt>
<dt><span class="sect2"><a href="zend.openid.consumer.html#zend.openid.consumer.combine">31.2.2. Combine all Steps in One Page</a></span></dt>
<dt><span class="sect2"><a href="zend.openid.consumer.html#zend.openid.consumer.realm">31.2.3. Realm</a></span></dt>
<dt><span class="sect2"><a href="zend.openid.consumer.html#zend.openid.consumer.check">31.2.4. Immediate Check</a></span></dt>
<dt><span class="sect2"><a href="zend.openid.consumer.html#zend.openid.consumer.storage">31.2.5. Zend_OpenId_Consumer_Storage</a></span></dt>
<dt><span class="sect2"><a href="zend.openid.consumer.html#zend.openid.consumer.sreg">31.2.6. Simple Registration Extension</a></span></dt>
<dt><span class="sect2"><a href="zend.openid.consumer.html#zend.openid.consumer.auth">31.2.7. Integration with Zend_Auth</a></span></dt>
<dt><span class="sect2"><a href="zend.openid.consumer.html#zend.openid.consumer.mvc">31.2.8. Integration with Zend_Controller</a></span></dt>
</dl></dd>
<dt><span class="sect1"><a href="zend.openid.provider.html">31.3. Zend_OpenId_Provider</a></span></dt>
<dd><dl>
<dt><span class="sect2"><a href="zend.openid.provider.html#zend.openid.provider.start">31.3.1. Quick Start</a></span></dt>
<dt><span class="sect2"><a href="zend.openid.provider.html#zend.openid.provider.all">31.3.2. Combine all together</a></span></dt>
<dt><span class="sect2"><a href="zend.openid.provider.html#zend.openid.provider.sreg">31.3.3. Simple Registration Extension</a></span></dt>
<dt><span class="sect2"><a href="zend.openid.provider.html#zend.openid.provider.else">31.3.4. What Else?</a></span></dt>
</dl></dd>
</dl>
</div>
<div class="sect1" lang="en">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="zend.openid.introduction"></a>31.1. Introduction</h2></div></div></div>
<p>
        <code class="code">Zend_OpenId</code> is a Zend Framework component that provides a
        simple API for building OpenID-enabled sites and identity providers.
    </p>
<div class="sect2" lang="en">
<div class="titlepage"><div><div><h3 class="title">
<a name="zend.openid.introduction.what"></a>31.1.1. What is OpenID?</h3></div></div></div>
<p>
            OpenID is a set of protocols for user-centric digital identities.
            These protocols allow to create an identity online, using an identity
            provider. This identity can be used anywhere that OpenID is supported.
            Using OpenID-enabled sites, web users do not need to remember traditional
            authentication tokens such as username and password. All OpenID-enabled
            sites accept a single OpenID identity. This identity is typically a URL.
            It may be the URL of the user's personal page, blog or other resource that
            may provide additional information about them. No more need for many
            passwords and different user names - just one identifier for all Internet
            services. OpenID is an open, decentralized, and free user centric
            solution. A user may choose which OpenID provider to use, or even create
            their own personal identity server. No central authority is needed to
            approve or register OpenID-enabled sites or identity providers.
        </p>
<p>
            For more information about OpenID visit <a href="http://www.openid.net/" target="_top">OpenID official site</a>
            and look into the <a href="http://www.openidbook.com/" target="_top">OpenID Book by Rafeeq
            Rehman</a>.
        </p>
</div>
<div class="sect2" lang="en">
<div class="titlepage"><div><div><h3 class="title">
<a name="zend.openid.introduction.how"></a>31.1.2. How Does it Work?</h3></div></div></div>
<p>
            The main purpose of the <code class="code">Zend_OpenId</code> components is to
            implement an OpenID authentication protocol as described in the following
            diagram:
        </p>
<p>
            <img src="figures/zend.openid.protocol.jpg" align="middle">
        </p>
<div class="orderedlist"><ol type="1">
<li><p>
                    Authentication is initiated by the end-user, who passes their
                    OpenID identifier to the OpenID consumer through a User-Agent.
                </p></li>
<li><p>
                    The OpenID consumer performs normalization of the user-supplied
                    identifier, and discovery on it. As result, it gets the following:
                    a claimed identifier, OpenID provider URL and an OpenID protocol
                    version.
                </p></li>
<li><p>
                    The OpenID client establishes an optional association with the
                    server using Diffie-Hellman keys. As a result, both parties get
                    a common "shared secret" that is used for signing and verification
                    of the following (subsequent) messages.
                </p></li>
<li><p>
                    The OpenID consumer redirects the User-Agent to the OpenID
                    provider's URL with an OpenID authentication request.
                </p></li>
<li><p>
                    The OpenID Provider checks if the user-Agent is already
                    authenticated and offers to do so if needed.
                </p></li>
<li><p>
                    The end user enters the required password.
                </p></li>
<li><p>
                    The OpenID Provider checks if it is allowed to pass the user
                    identity to the given consumer, and asks the user if needed.
                </p></li>
<li><p>
                    The end user allows or disallows passing his identity.
                </p></li>
<li><p>
                    The OpenID Provider redirects the User-Agent back to the OpenID
                    consumer with an "authentication approved" or "failed" request.
                </p></li>
<li><p>
                    The OpenID consumer verifies the information received from the
                    provider by using the "shared secret" it got on step 3 or by
                    sending additional direct request to the OpenID provider.
                </p></li>
</ol></div>
</div>
<div class="sect2" lang="en">
<div class="titlepage"><div><div><h3 class="title">
<a name="zend.openid.introduction.structure"></a>31.1.3. Zend_OpenId Structure</h3></div></div></div>
<p>
            <code class="code">Zend_OpenId</code> consists of two sub packages. The first one
            is <code class="code">Zend_OpenId_Consumer</code> for developing OpenID-enabled sites
            and the second <code class="code">Zend_OpenId_Provider</code> for developing OpenID
            servers. They are completely independent of each other and may be used
            separately.
        </p>
<p>
            The only common parts of these sub packages are the OpenID Simple
            Registration Extension implemented by
            <code class="code">Zend_OpenId_Extension_Sreg</code> class and the set of utility
            functions implemented by <code class="code">Zend_OpenId</code> class.
        </p>
<div class="note"><table border="0" summary="Note">
<tr>
<td rowspan="2" align="center" valign="top" width="25"><img alt="[Note]" src="images/note.png"></td>
<th align="left">Note</th>
</tr>
<tr><td align="left" valign="top"><p>
                <code class="code">Zend_OpenId</code> takes advantage of the <a href="http://php.net/gmp" target="_top">GMP extension</a>,
                where available. Consider enabling the GMP extension for better performance when using
                <code class="code">Zend_OpenId</code>.
            </p></td></tr>
</table></div>
</div>
<div class="sect2" lang="en">
<div class="titlepage"><div><div><h3 class="title">
<a name="zend.openid.introduction.standards"></a>31.1.4. Supported Standards</h3></div></div></div>
<p>
            The <code class="code">Zend_OpenId</code> component conforms to the following
            standards:
        </p>
<div class="itemizedlist"><ul type="disc">
<li><p>
                    OpenID Authentication protocol version 1.1
                </p></li>
<li><p>
                    OpenID Authentication protocol version 2.0 draft 11
                </p></li>
<li><p>
                    OpenID Simple Registration Extension version 1.0
                </p></li>
<li><p>
                    OpenID Simple Registration Extension version 1.1 draft 1
                </p></li>
</ul></div>
</div>
</div>
</div>
<div class="navfooter"><table width="100%" summary="Navigation footer">
<tr>
<td width="40%" align="left">
<a accesskey="p" href="zend.mime.part.html">Prev</a> </td>
<td width="20%" align="center"> </td>
<td width="40%" align="right"> <a accesskey="n" href="zend.openid.consumer.html">Next</a>
</td>
</tr>
<tr>
<td width="40%" align="left" valign="top">30.3. Zend_Mime_Part </td>
<td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td>
<td width="40%" align="right" valign="top"> 31.2. Zend_OpenId_Consumer Basics</td>
</tr>
</table></div>
<div class="revinfo"></div>
</body>
</html>
